Thanks Andy for the response! After stopping all the SSH services, I restarted the external ssh by the command /etc/init.d/ext_ssh start and as you said, ext_ssh is listening on the private IP address. I am attaching the ssh, ext_ssh and external_ssh_config files. Also the output for command used to start the external sshd process: ps -ef | grep sshd is not as you said.
Hope this helps to figure out the problem! On Fri, May 14, 2010 at 11:22 AM, Andy Kurth <andy_ku...@ncsu.edu> wrote: > Assuming you have a way to access the console without SSH, try stopping all > sshd processes and then start ext_sshd. Check which address it's listening > on: > netstat -l -n | grep ':22' > > You should see something like: > tcp 0 0 <IP address>:22 0.0.0.0:* LISTEN > > If it's listening on the private address, then there's a problem with > either the ext_sshd script or /etc/ssh/external_sshd_config. Please include > the contents of these files. > > If it's listening on the public address and you still can't connect, check > the firewall. > > Also check the command used to start the external sshd process: > ps -ef | grep sshd > > You should see something like: > /usr/sbin/sshd -f /etc/ssh/external_sshd_config > > Hope this helps, > Andy > > > Kiran N wrote: > >> Hello All, >> I am trying to create an Ubuntu base image. I have followed the >> instructions >> as given in >> https://cwiki.apache.org/VCL/create-a-linux-base-image.html >> I am able to ssh on the private network(eth1) from my management node but >> I >> am unable to ssh on the public network(eth0). >> I start my ssh on public interface by /etc/init.d/ext_ssh start and it >> shows >> a message saying SSH started successfully but actually there is no ssh >> port >> which listens on public interface. Hence I am unable to ssh remotely. >> Are there any extra changes to be made for an ubuntu base image? Any input >> will be helpful! >> >> -- Thanks, Kiran
#! /bin/sh ### BEGIN INIT INFO # Provides: ext_ssh # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 1 # Short-Description: OpenBSD Secure Shell server ### END INIT INFO set -e OPTIONS='-f /etc/ssh/external_sshd_config' PID_FILE=/var/run/ext_sshd.pid # /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon test -x /usr/sbin/ext_ssh || exit 0 ( /usr/sbin/ext_ssh -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0 export SSHD_OOM_ADJUST=-17 if test -f /etc/default/ext_ssh; then . /etc/default/ext_ssh fi # Are we in a virtual environment that doesn't support modifying # /proc/self/oom_adj? if grep -q 'envID:.*[1-9]' /proc/self/status; then unset SSHD_OOM_ADJUST fi . /lib/lsb/init-functions if [ -n "$2" ]; then SSHD_OPTS="$SSHD_OPTS $2" fi # Are we running from init? run_by_init() { ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ] } check_for_no_start() { # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists if [ -e /etc/ssh/sshd_not_to_be_run ]; then if [ "$1" = log_end_msg ]; then log_end_msg 0 fi if ! run_by_init; then log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" fi exit 0 fi } check_dev_null() { if [ ! -c /dev/null ]; then if [ "$1" = log_end_msg ]; then log_end_msg 1 || true fi if ! run_by_init; then log_action_msg "/dev/null is not a character device!" fi exit 1 fi } check_privsep_dir() { # Create the PrivSep empty dir if necessary if [ ! -d /var/run/ext_ssh ]; then mkdir /var/run/ext_ssh chmod 0755 /var/run/ext_ssh fi } check_config() { if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then /usr/sbin/ext_ssh -t || exit 1 fi } export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" case "$1" in start) check_privsep_dir check_for_no_start check_dev_null log_daemon_msg "Starting OpenBSD Secure Shell server" "ext_ssh" if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/ext_ssh.pid --exec /usr/sbin/ext_ssh -- $SSHD_OPTS; then log_end_msg 0 else log_end_msg 1 fi ;; stop) log_daemon_msg "Stopping OpenBSD Secure Shell server" "ext_ssh" if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/ext_ssh.pid; then log_end_msg 0 else log_end_msg 1 fi ;; reload|force-reload) check_for_no_start check_config log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "ext_ssh" if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/ext_ssh.pid --exec /usr/sbin/ext_ssh; then log_end_msg 0 else log_end_msg 1 fi ;; restart) check_privsep_dir check_config log_daemon_msg "Restarting OpenBSD Secure Shell server" "ext_ssh" start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/ext_ssh.pid check_for_no_start log_end_msg check_dev_null log_end_msg if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/ext_ssh.pid --exec /usr/sbin/ext_ssh -- $SSHD_OPTS; then log_end_msg 0 else log_end_msg 1 fi ;; try-restart) check_privsep_dir check_config log_daemon_msg "Restarting OpenBSD Secure Shell server" "ext_ssh" set +e start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/ext_ssh.pid RET="$?" set -e case $RET in 0) # old daemon stopped check_for_no_start log_end_msg check_dev_null log_end_msg if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/ext_ssh.pid --exec /usr/sbin/ext_ssh -- $SSHD_OPTS; then log_end_msg 0 else log_end_msg 1 fi ;; 1) # daemon not running log_progress_msg "(not running)" log_end_msg 0 ;; *) # failed to stop log_progress_msg "(failed to stop)" log_end_msg 1 ;; esac ;; status) status_of_proc -p /var/run/ext_ssh.pid /usr/sbin/ext_ssh sshd && exit 0 || exit $? ;; *) log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}" exit 1 esac exit 0
#! /bin/sh ### BEGIN INIT INFO # Provides: sshd # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 1 # Short-Description: OpenBSD Secure Shell server ### END INIT INFO set -e # /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon test -x /usr/sbin/sshd || exit 0 ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0 export SSHD_OOM_ADJUST=-17 if test -f /etc/default/ssh; then . /etc/default/ssh fi # Are we in a virtual environment that doesn't support modifying # /proc/self/oom_adj? if grep -q 'envID:.*[1-9]' /proc/self/status; then unset SSHD_OOM_ADJUST fi . /lib/lsb/init-functions if [ -n "$2" ]; then SSHD_OPTS="$SSHD_OPTS $2" fi # Are we running from init? run_by_init() { ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ] } check_for_no_start() { # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists if [ -e /etc/ssh/sshd_not_to_be_run ]; then if [ "$1" = log_end_msg ]; then log_end_msg 0 fi if ! run_by_init; then log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" fi exit 0 fi } check_dev_null() { if [ ! -c /dev/null ]; then if [ "$1" = log_end_msg ]; then log_end_msg 1 || true fi if ! run_by_init; then log_action_msg "/dev/null is not a character device!" fi exit 1 fi } check_privsep_dir() { # Create the PrivSep empty dir if necessary if [ ! -d /var/run/sshd ]; then mkdir /var/run/sshd chmod 0755 /var/run/sshd fi } check_config() { if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then /usr/sbin/sshd -t || exit 1 fi } export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" case "$1" in start) check_privsep_dir check_for_no_start check_dev_null log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd" if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then log_end_msg 0 else log_end_msg 1 fi ;; stop) log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd" if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then log_end_msg 0 else log_end_msg 1 fi ;; reload|force-reload) check_for_no_start check_config log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd" if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then log_end_msg 0 else log_end_msg 1 fi ;; restart) check_privsep_dir check_config log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid check_for_no_start log_end_msg check_dev_null log_end_msg if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then log_end_msg 0 else log_end_msg 1 fi ;; try-restart) check_privsep_dir check_config log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" set +e start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid RET="$?" set -e case $RET in 0) # old daemon stopped check_for_no_start log_end_msg check_dev_null log_end_msg if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then log_end_msg 0 else log_end_msg 1 fi ;; 1) # daemon not running log_progress_msg "(not running)" log_end_msg 0 ;; *) # failed to stop log_progress_msg "(failed to stop)" log_end_msg 1 ;; esac ;; status) status_of_proc -p /var/run/sshd.pid /usr/sbin/sshd sshd && exit 0 || exit $? ;; *) log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}" exit 1 esac exit 0
# Package generated configuration file # See the sshd(8) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 0 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin yes StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no ##############MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes ListenAddress 9.39.65.93